Securing the Hybrid Era: How to Protect Your Expanding Attack Surface – Partner Content


As businesses rapidly adopt hybrid infrastructures, they’re reaping the rewards of flexibility, scalability, and innovation. However, these benefits come at a significant cost: the expanding attack surface. 



This expanding digital attack surface has created yet another set of acronyms: External Attack Surface Management (EASM) and Continuous Threat Exposure Management (CTEM). Part of the reason the Vulnerability Management market has evolved is the continued increase in vulnerabilities. The Australian Cyber Security Centre (ACSC), in its Annual Cyber Threat Report (2023-24), showed that publicly reported vulnerabilities and exposures increased 31% year on year.

“With a mix of on-premise, cloud, and multi-cloud environments, IT leaders face the daunting challenge of securing a more complex ecosystem while maintaining operational agility and business continuity,” according to Interactive head of product and solution design, cyber, David Dowling. 

One of the most significant challenges is the lack of unified visibility across both on-premises and cloud environments, Dowling says, citing a recent whitepaper: ‘Business resilience in the age of hybrid infrastructure.’ 

In a hybrid model, Dowling says data and applications are spread across multiple platforms, often managed by different teams or vendors. 

 

 

(David Dowling, head of product and solution design, Interactive)

“This fragmentation can lead to security blind spots, where threats go unnoticed until they escalate into serious incidents. Without seamless visibility into all parts of the infrastructure, security teams may struggle to detect and respond to vulnerabilities in real-time,” Dowling told iTnews. 

In this hybrid world, where data flows seamlessly across on-premises and cloud environments, Dowling says “prioritising cyber security” is essential to safeguarding operations, protecting sensitive information, and ensuring continuity in the face of evolving threats. 

Role of Unified Management and Threat Intelligence

Undoubtedly, as hybrid infrastructures grow, maintaining visibility and control becomes more challenging. 

“A unified management approach gives us a single pane of glass to monitor our environment, making it easier to spot threats and respond quickly,” Dowling says. “This integration is crucial as the attack surface expands, enabling businesses to enhance their security posture while maintaining the agility necessary to keep up with market demands.”

Dowling stresses the importance of unified management frameworks to keep track of the complex array of systems in a hybrid environment. Tools like Microsoft Sentinel, integrated with threat intelligence from organisations like the Australian Cyber Security Centre (ACSC), help organisations identify and respond to threats like phishing websites and malware, without overwhelming security teams.

“One of the standout aspects of Microsoft’s approach is their integration of threat intelligence. They’re collaborating directly with the ACSC, embedding a wealth of threat intelligence into Microsoft Sentinel. This enables Microsoft customers to automate key security tasks. For instance, there are over a million phishing websites and other malicious threats targeting Australia, and through their partnership with the ACSC, Microsoft is able to flag and block access to these harmful sites. This collaboration brings immense value by making automation work to the benefit of security teams, helping them stay ahead of evolving threats.” 

Need for Automation and Basic Cyber Hygiene

Certainly, in the face of expanding threats, “automation is a critical ally,” Dowling says.  

That’s why he advocates for automating security tasks to minimise human error and enhance responsiveness to emerging threats. Routine processes, such as patching systems or responding to phishing attempts, can be time-consuming and prone to oversight. By automating these tasks, organisations can significantly reduce the window of vulnerability, allowing security teams to focus on more complex, strategic issues.

“Automation is a game-changer,” Dowling says. “It helps us handle basic cyber hygiene and respond faster and more effectively to threats. The ability to automate routine tasks means we’re always one step ahead, keeping our defenses strong without overloading our teams.

“By keeping your systems patched and up-to-date, it frees up time for you to tackle business-as-usual tasks and other important, yet often neglected, priorities—the things that tend to slip through the cracks when we’re too busy with the day-to-day.”

He says real-world examples illustrate how automation has enhanced security outcomes—particularly in areas like phishing detection and malware response. Automation allows for swift mitigation of risks, with minimal delays in addressing threats.

“While trends may shift, threat actors continue to exploit issues like misconfigurations, vulnerabilities, and users falling victim to credential theft. Automation helps redirect focus toward safeguarding your team, customer data, and the infrastructure that supports and secures both. It allows for a more efficient and targeted approach to security, ensuring stronger protection for all.” 

Agility vs. Security: Striking the Right Balance

In the hybrid cloud era, Dowling says, businesses face the dual challenge of moving quickly while safeguarding their systems. Hybrid infrastructures enable rapid scaling and flexibility, but this can also introduce vulnerabilities if security measures aren’t robust enough.

“The key is striking a balance between agility and security,” Dowling says. “You don’t want to slow down your innovation, but you can’t afford to let security take a backseat. A strategic approach to hybrid security means you can innovate securely and protect your organisation without compromising on performance.”

For Dowling, the solution lies in integrating security into the hybrid model seamlessly. By leveraging tools that automate threat detection and response, and by ensuring systems are patched and monitored regularly, organisations can maintain both operational efficiency and strong protection.

Multi-Cloud Strategies: Mitigating Risks and Ensuring Resilience

Indeed, an effective way to mitigate risks and increase resilience in hybrid infrastructures is through multi-cloud strategies. By distributing workloads across multiple cloud providers, businesses can reduce the risk of a single point of failure, ensuring continued operation even if one cloud provider experiences issues.

“Multi-cloud environments allow for more flexibility, redundancy, and security by spreading workloads across several platforms,” Dowling explains. “This approach helps ensure that critical applications remain available even during disruptions, and it provides added protection against cyberattacks that may target specific cloud providers.”

By diversifying their cloud environments, organisations can also take advantage of specialised security tools and services provided by each cloud provider, further strengthening their overall security posture.

Future Path: A Strategic Approach to Hybrid Security

As organisations continue to embrace hybrid infrastructures, Dowling stresses the importance of a strategic, integrated approach to security. Rather than relying on disparate solutions, businesses must adopt security practices that span both on-premises and cloud environments. This includes automation, advanced threat intelligence, strong identity and access management (IAM) protocols, and regular system patching.

“The hybrid model is here to stay, and so are the security challenges it presents,” Dowling says. “A strategic approach to hybrid security is no longer optional—it’s essential to stay ahead of evolving threats and ensure business resilience.”

Effective identity and access management (IAM) is another cornerstone of hybrid security. With more users accessing critical systems across different environments, controlling access to sensitive data becomes more complicated. Dowling emphasises the importance of robust IAM practices, including multi-factor authentication and continuous monitoring, to ensure that only authorised individuals have access to critical applications.

“IAM is the ‘key to the kingdom’ in today’s security landscape,” Dowling says. “Securing user identities and ensuring that only authorised people access sensitive data is crucial for preventing breaches caused by compromised credentials.”

For more practical tips and strategies on securing your hybrid infrastructure, read the full report, ‘Business Resilience in the age of hybrid infrastructure’, from Interactive.


